Lazarus malware strikes South Korean supply chains

Lazarus malware has been tracked in new campaigns against South Korean supply chains, made possible through stolen security certificates. On Monday, cybersecurity researchers from ESET revealed the abuse of the certificates, stolen from two separate, legitimate South Korean companies. Lazarus, Read More …

Marriott fined £18.4 million by UK watchdog over customer data breach

The Information Commissioner’s Office (ICO) has fined Marriott £18.4 million over a 2014 data breach, heavily reducing the penalty originally planned due to COVID-19 disruption. The Marriot hotel group was subject to a 2014 data breach impacting the Starwood resort Read More …

Windows kernel zero-day disclosed by Google’s Project Zero after bug exploited in the wild by hackers

Google’s Project Zero bug-hunting team has disclosed a Windows kernel flaw that’s being actively exploited by miscreants to gain administrator access on compromised machines. The web giant’s bug report was privately disclosed to Microsoft on October 22, and publicly revealed Read More …

Lazada confirms 1.1M accounts compromised in RedMart security breach

Singapore-based online grocery platform RedMart has suffered a data breach that compromised personal data of 1.1 million accounts. An individual has claimed to be in possession of the database involved in the breach, which contains various personal information such as Read More …

SMS Phishing Attempts Are Riding the Presidential Election Wave

SMS-based outreach has become a standard in the political playbook, with candidates and their supporters soliciting financial support, opinions, and votes through texting with increasing frequency and sophistication. In the course of protecting enterprise endpoints, Symantec, a division of Broadcom, Read More …

CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense Cyber National Mission Force (CNMF) have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat (APT) actor Turla. In Read More …